Vista laid low by new malware figures

It looks as if Vista's reputation for improved security could be heading for the pages of history. PC Tools has renewed last week's attack on the platform with new figures that appear to back up its claim that Vista is almost as vulnerable as its predecessors.

According to analysis from the Australian company's ThreatFire user base, 58,000 PCs running Vista were compromised by at least one piece of malware over the six months to May 2008, equivalent to 27 percent of all Vista machines probed. Vista made up 12.6 percent, or 190,692, of the 1,513,502 machines running Windows in the user base.

In total, Vista suffered 121,380 instances of malware from its 190,000 user base, a rate of malware detection per system is proportionally lower than that of XP, which saw 1,319,144 malware infections from a user base of 1,297,828 machines, but it indicates a problem that is worse than Microsoft has been admitting to.

Only a week ago, PC Tools revealed that Vista was as likely to be hit with software vulnerabilities as Windows 2000, a claim that was denied by a Microsoft staffer in a blog.

The problem with the figures given in all cases is that it is still hard to make direct - and therefore meaningful - comparisons. As PC Tools makes clear, that malware was detected did not mean harm had been done, simply that Vista's own security had in some way been circumvented to the degree that its ThreatFire tool stepped in.

"It is important to highlight that all systems used in the research pool were at the very least running PC Tool's ThreatFire and that because the technology is behavioral-based, the data refers to threats that actually executed and triggered our behavioral detection on the client machine", said PC Tools' CEO, Simon Clausen, before aiming a kick at Microsoft's own security software.

"Furthermore, in response to alternative research from Microsoft's Malicious Software Removal Tool, PC Tools highlights that the MSRT is not a comprehensive anti-virus scanner, but a malware removal tool for a limited range of "specific, prevalent malicious software."

An obvious objection to this is that any operating system will suffer a degree of malware compromise, which could be traced back to a variety of issues including user behavior. The acid test for Vista will be its ability to resist serious attacks over the longer term, something it has so far managed to do. However, the figures do suggest that malware writers are mastering the OS, a possible sign of trouble to come

PC Tools has publicized details of some of the malware types it has found on Vista systems during its scans, including three pages of variants based on Trojan.Agent, a few of which were described as serious.

At time of writing, Microsoft had not responded to PC Tools' allegations.